LinkFinder by GerbenJavado

A python script that finds endpoints in JavaScript files

created at June 9, 2017, 11:50 a.m.

64 +1

3,470 +3

581 +2

singularity by nccgroup

A DNS rebinding attack framework.

created at June 5, 2018, 9:04 p.m.

32 +0

974 +0

136 +0

radare2 by radareorg

UNIX-like reverse engineering framework and command-line toolset

created at July 3, 2012, 7:42 a.m.

483 -2

19,678 +20

2,938 +1

dns-rebind-toolkit by brannondorsey

A front-end JavaScript toolkit for creating DNS rebinding attacks.

created at June 19, 2018, 2:06 a.m.

24 +0

481 +0

93 +0

whonow by brannondorsey

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

created at April 1, 2018, 12:11 a.m.

22 +0

612 +0

102 +0

dref by mwrlabs

DNS Rebinding Exploitation Framework

created at June 26, 2018, 10:09 a.m.

25 +0

481 +0

71 +0

zen-rails-security-checklist by brunofacca

Checklist of security precautions for Ruby on Rails applications.

created at April 10, 2017, 8:36 p.m.

76 +0

1,815 +0

150 +0

ctftool by taviso

Interactive CTF Exploration Tool

created at June 7, 2019, 3:39 a.m.

60 +0

1,631 +0

276 -1

dtd-finder by GoSecure

List DTDs and generate XXE payloads using those local DTDs.

created at July 15, 2019, 8:13 p.m.

14 +0

582 +0

103 +0

cefdebug by taviso

Minimal code to connect to a CEF debugger.

created at Oct. 3, 2019, 2:09 p.m.

7 +0

191 +1

19 +0

sql-injection-payload-list by payloadbox

🎯 SQL Injection Payload List

created at Oct. 30, 2019, 5:03 a.m.

90 +1

4,378 +18

1,079 +5

xss-payload-list by payloadbox

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

created at April 23, 2018, 6:09 a.m.

139 +0

5,673 +19

1,580 +2

open-redirect-payload-list by payloadbox

🎯 Open Redirect Payload List

created at Aug. 15, 2019, 3:29 p.m.

19 +0

496 +1

173 +0

xxe-injection-payload-list by payloadbox

🎯 XML External Entity (XXE) Injection Payload List

created at Nov. 19, 2019, 5:04 a.m.

24 +0

1,021 +2

281 +0

command-injection-payload-list by payloadbox

🎯 Command Injection Payload List

created at Nov. 3, 2018, 6:35 p.m.

72 +0

2,663 +7

589 +5

mutual-tls-ssl by Hakky54

🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC, WebSocket and ElasticSearch examples are included

created at Nov. 11, 2018, 7:07 p.m.

19 +0

541 +1

121 +0

awesome-ctf-cheatsheet by uppusaikiran

CTF Cheatsheet

created at Feb. 11, 2020, 5:14 p.m.

1 +0

21 +2

2 +0

phpsploit by nil0x42

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

created at May 21, 2014, 7:43 p.m.

103 +0

2,146 +7

434 +1

nuclei by projectdiscovery

Fast and customizable vulnerability scanner based on simple YAML based DSL.

created at April 3, 2020, 6:47 p.m.

215 +0

17,389 +76

2,256 +9

juice-shop by juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

created at Sept. 19, 2014, 2:53 p.m.

156 +0

9,589 +31

9,399 +50